Off the Beaten Path: Recent Unusual Malware
Essential information
- Published: 17/03/2025 09:40
- Modified: 17/03/2025 10:03
- Tags: 2025-03-14, 2025-03-17, apt, backdoor, bootkit, c++/cli, dixie-playing bootkit, grub, iis backdoor, post-exploitation, projectgeass
- Related entities: 7 observables, 5 techniques (MITRE)
Description
The article examines three unusual malware samples: a C++/CLI IIS backdoor that gives the attacker stealthy remote command execution on the web server, a bootkit that leverages the GRUB 2 bootloader to take control of the system before the operating system loads and to persist across reboots, and a cross-platform post-exploitation framework written in C++. Together these cases show attacker tradecraft that prioritizes stealth, persistence, and unconventional execution methods in order to evade detection.